<?php

/**
 * @package Framework03
 * @author Walter Tamboer
 */

/**
 * The base class for the Access Control List.
 */
abstract class Acl
{
    /**
     * @var array A list with all roles.
     */
    private $RoleList;
    /**
     * Initializes a new instance of this class.
     */
    public function __construct()
    {
        $this->RoleList = array();
    }
    /**
     * Adds a role to this access control list.
     * @param AclRole $Role The new role
     * @param AclRole $Parent The parent to inherit permissions from
     * @return AclRole Returns the new created role.
     */ 
    public function AddRole(AclRole $Role, AclRole $Parent = null) 
    { 
        $Role->Parent = $Parent; 

        $this->RoleList[] = $Role; 
         
        return $Role; 
    } 
    /** 
     * Allow a permission for a role 
     * @param string $RoleName The name of the role 
     * @param string $Permission The permission to allow
     * @return bool Returns true if the role is allowed; false otherwise.
     */ 
    public function Allow($RoleName, $Permission) 
    { 
        foreach ($this->RoleList as $Role) 
        { 
            if ($Role->Name == $RoleName) 
            { 
                $Role->Allow($Permission); 
                return true; 
            } 
        } 
         
        return false; 
    } 
    /** 
     * Deny a permission for a role
     * @param string $RoleName The name of the role 
     * @param string $Permission The permission to allow
     * @return bool Returns true if the role is denied; false otherwise.
     */ 
    public function Deny($Name, $Permission) 
    { 
        foreach ($this->RoleList as $Role) 
        { 
            if ($Role->Name == $Name) 
            { 
                $Role->Deny($Permission); 
                return true; 
            } 
        } 
         
        return false; 
    } 
    /** 
     * Is a permission allowed?
     * @param string $RoleName The name of the role 
     * @param string $Permission The permission to allow 
     * @return bool Returns true if the role is allowed; false otherwise.
     */ 
    public function IsAllowed($Name, $Permission) 
    { 
        foreach ($this->RoleList as $Role) 
        { 
            if ($Role->Name == $Name) 
            { 
                return $Role->IsAllowed($Permission); 
            } 
        } 
         
        return false; 
    } 
} 

?>